General

  • Target

    e44cff39a72301b9c467bc6d5aa104a0_NeikiAnalytics

  • Size

    117KB

  • Sample

    240516-tjx79acg39

  • MD5

    e44cff39a72301b9c467bc6d5aa104a0

  • SHA1

    0b6c23a001d85ce1c5b1f0afa4552238ab1985e0

  • SHA256

    2e2eaf1cf52717b6574566023efd9c875532160942973fa3e720933c74617cd7

  • SHA512

    c920eb7f5013b7b11922f864df69bf14df99411bf0728f5bbedcbf8c31bcadf80e4086762513cfc4d745cb197a7b87c5be94862e878a1a74f84cb831b82a392d

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhfkrVa5zYrVa5za:hfAIuZAIuDMVtM/4yCya

Score
9/10

Targets

    • Target

      e44cff39a72301b9c467bc6d5aa104a0_NeikiAnalytics

    • Renames multiple (487) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.